[apparmor] 2.5.1 build failure on Arch

John Johansen john.johansen at canonical.com
Tue Oct 19 23:51:41 BST 2010 

On 10/19/2010 03:34 PM, andrew thomas wrote:
>  On 10/19/2010 05:05 PM, John Johansen wrote:
>> On 10/19/2010 02:38 PM, andrew thomas wrote:
>>>  On 10/19/2010 03:47 PM, John Johansen wrote:
>>>> On 10/19/2010 01:24 PM, andrew thomas wrote:
>>>> <  snip>
>>>>
>>>>> Thanks for your reply John,
>>>>> The weird thing is that I am using the same .config file to build my kernels on ubuntu, debian&  arch and apparmor works just fine on the first two.  Here is the security section.
>>>>>
>>>> okay definitely strange.  Let me get this straight, you build the same kernel on ubuntu, debian, and arch, and it works on ubuntu, and debian but not arch?
>>>>
>>> Yes.
>>>> Does /sys/kernel/security exist in the arch kernel?
>>> Yes, just empty.
>> what does mount show?
> 
>     # mount
>     proc on /proc type proc (rw,relatime)
>     sys on /sys type sysfs (rw,relatime)
>     udev on /dev type tmpfs (rw,nosuid,relatime,size=10240k,mode=755)
>     /dev/sda11 on / type ext4 (rw,commit=0)
>     fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
>     devpts on /dev/pts type devpts (rw)
>     shm on /dev/shm type tmpfs (rw,nosuid,nodev)
>     gvfs-fuse-daemon on /home/andrew/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=andrew)
> 
> 
>> eg. on Ubuntu I get the following as the entry for securityfs
>>
>> none on /sys/kernel/security type securityfs (rw)
>>
>>
>> if this is missing, does doing the following mount create the entry
>> mount -t securityfs none /sys/kernel/security
>>
>> and if it does what does /sys/kernel/security/ show after
> Yes.  It is there now. 
> 
>     [root at asus ~]# cd /sys/kernel/security
>     [root at asus security]# ls -al
>     total 0
>     drwxr-xr-x 3 root root 0 Oct 19 11:29 .
>     drwxr-xr-x 7 root root 0 Oct 19 11:29 ..
>     drwxr-xr-x 2 root root 0 Oct 19 11:29 apparmor
>     [root at asus security]# cd apparmor
>     [root at asus apparmor]# ls -al
>     total 0
>     drwxr-xr-x 2 root root 0 Oct 19 11:29 .
>     drwxr-xr-x 3 root root 0 Oct 19 11:29 ..
>     -rw-r----- 1 root root 0 Oct 19 11:29 .load
>     -rw-r----- 1 root root 0 Oct 19 11:29 .remove
>     -rw-r----- 1 root root 0 Oct 19 11:29 .replace
>     -r--r--r-- 1 root root 0 Oct 19 11:29 features
>     -r--r--r-- 1 root root 0 Oct 19 11:29 matching
>     -r--r----- 1 root root 0 Oct 19 11:29 profiles
> 
> 
Alright, all you need is a mount entry as either part of your init scripts or preferably your mtab and things should just work

the ubuntu mtab has
none /sys/kernel/security securityfs rw 0 0

More information about the AppArmor mailing list